afaik I already told you how to do that *in detail*
Again, we start w/ (some) list of chars, let's stay with those defined here:
http://en.wikipedia.org/wiki/ISO/IEC_8859-2
now we have a list that include also 12345 etc... we need to *either* use --hex-char or the .hcchr feature (
http://hashcat.net/wiki/doku.php?id=mask...rset_files )...
Remember you can put kind of every character into that hcchr file (only *first* row counts).
So what we need to do is.... copy-paste the hex-codes (2.line of each cell from
http://en.wikipedia.org/wiki/ISO/IEC_8859-2 ) and generate a hcchr file...
I.e. you can just copy-the numbers (hex-codes - middle-line) and but those "numbers" into a temp file.
then you have a list like this:
0020
0021
0023
...
00FD
0163
02D9
As we can immediately notice... at the first 2 "digits" of that list of 4 digits per line there is only 01 and 02 at the beginning....
therefore convert the list to (2 digit lines as below):
01
02
20
21
23
...
fd
63
d9
now I normally double-check if the lines are unique (since we "removed" the first 2 digits there may be some lines that are not uniq)..
sort -u mylist.txt > mylist_unique.txt
At this point you already have a list of all you hex-codes...
I usually convert this at the next step to 1 line (attention this is now sorted too! so a little bit rearranged from above)
0102....fd
Important: each "char" has exactly 2 digits... therefore the first line must be a multiple of 2
Say you have now this list w/ 1 line only and the length is multiple of 2, you should now be able to convert it to "chars" e.g. a simple run of xxd -r should work (it does convert hex codes to "chars"/binary):
Code:
xxd -p -r mylist_unique.txt > 8859-2.hcchr
This is your final hcchr file, that includes all chars from 8859-2 (if you need more you can add them of course but ... the more chars you have the longer bruteforce will take)...
Here is the mylist_unique.txt list that I have compiled from the wiki page (just for reference):
Code:
$ cat mylist_unique.txt
010203040506070C0D0E0F101118191A1B202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7EA0A4A7A8ADB0B4B8C1C2C4C7C9CBCDCED3D4D6D7D8D9DADBDCDDDFE1E2E4E7E9EBEDEEF3F4F6F7FAFCFD
(you need to run xxd -p -r mylist_unique.txt > 8859-2.hcchr # to get the hcchr file)
now to bruteforce the hash in question:
Code:
$ echo -en "\x01\x5112345"|md5sum
af2XaXXXX19XX0cXXX3XddXXXX5XX969
(I add this to m0000.txt , my hash file) and run:
Code:
$ ./oclHashcat -m 0 m0000.txt -a 3 -1 8859-2.hcchr --increment --increment-min 6 --increment-max 12 ?1?1?1?1?1?1?1?1?1?1?1?1
I already told you why we need the increment and why we need to have increment-min x and increment-max x*2 ... attention: the mask must ofc be long enough... at least 12 times ?1
This cracks the hash in question w/ a mask length of 7 (we already saw why? remeber? because the special letter - not the numbers - takes 2 code-points)...
Dictionary attack:
Code:
$ echo -en "\x01\x5112345" | md5sum | sed 's/ .*//' > m0000.txt
$ echo -en "\x01\x5112345" > dict.txt
$ ./oclHashcat -m 0 m0000.txt -a 0 -m m0000.txt dict.txt
Also this dictionary attack works as expected and "finds" the plain and cracks the hash.
Again, the only problem is that you need to understand how encoding works and need to prepare:
1. a hcchr file that includes every single character you want to bruteforce (including 01 and 02 hex-codes as defined in
http://en.wikipedia.org/wiki/ISO/IEC_8859-2 )
2. the hash file must be generated correctly and the dict must contain *exactly* the "string"/line you want to crack (and we already saw the special char \x01\x51 need to be in the dict of course)....
So, you see it is very simple